Sophisticated criminals cause 350%-plus increase in Contact Centre fraud attacks from 2013-2017

Pindrop’s Voice Intelligence Report 2018 suggests that voice fraud has intensified and is on the up. Between 2016 (one in 937 calls) and 2017 (one in 638 calls), the overall voice channel fraud rate increased by 47%, continuing on the upward trend from last year’s 113% increase. Over the last four years, the fraud rate has climbed by over 350%, with no signs of slowing down.

Two reasons underpin the rise in fraud. First, with cyber crime valued as a $1.5 trillion industry, it’s unsurprising that the frequency of data leaks has contributed to the problem. Risk Xtra recently reported British Airways suffering a data breach that meant around 380,000 card payment details were compromised, while in the United States, as many as 1,300 breaches were tracked last year by the Identity Theft Resource Centre.

Second, fraudsters have become highly sophisticated and have gone omnichannel. For example, a fraudster may use social engineering to reset a password on a victim’s account then use that reset password to commit online fraud.

On one anonymous Fortune 500 customer environment, Pindrop conducted a forensic investigation of fraud in the Interactive Voice Response (IVR) function, as well as the phone channel and the online channel. Pindrop Labs found that suspicious activity in the IVR is the leading indicator of cross-channel fraud. On average, suspicious IVR activity resulted in a fraudulent transaction attempt 15 days later. For more than 85% of fraudulent transactions that originated in the IVR, Pindrop had a 24-hour lead time. This time gap in activity is typical of fraudsters who may be using IVR to verify lists of compromised accounts purchased on The Dark Web. The intention then may be to fine-tune and re-sell that list (accounts identified has having higher activity are more attractive on The Dark Web). This activity aids cyber criminals to profit from data breaches without taking the risk of committing fraud.

Most targeted industries: insurance, banking and retail

Unlike brokerages, insurance companies are seeing a much greater rate of increase in voice fraud, which escalated by 36% from 2016 to 2017 and has risen by 248% since 2015. Banks come in a close second with a 20% increase in fraud year-on-year and an astonishing 269% increase over the last four years. This is closely followed by retail which has seen a 15% increase and a 134% rise over the same four-year period.

Pindrop reported in June this year that business use of voice technology will triple in the next 12 months. The ‘Internet of Ears’ revolution is set to be the biggest opportunity, but also the biggest threat to brand security. Pindrop’s Voice Intelligence Report 2018 reveals that synthetic voice is probably one of the most exciting and potentially the scariest technology threats to consumer data security. Businesses already use machine learning for device, behaviour and voice matching. Fraudsters remain slightly ahead, using machine learning to create synthetic speech, spoof Automatic Number Identifications and conduct ‘robocalls’ to mass attack and spider through an organisation’s IVR in order to verify stolen account information.

Vijay Balasubramaniyan, CEO and co-founder of Pindrop, stated: “A major reason fraud rates rise is that most organisations struggle to find the right balance of security and customer service. When stronger traditional security measures are put into place, these measures typically impact customer experience, and often to an organisation’s detriment. The proliferation of voice technologies will continue to put consumers’ security and identity at risk. Currently, fraudsters can easily dodge existing authentication methods. As businesses adopt the latest voice technologies for the majority of customer interactions, there will be a parallel need for top-notch security.”

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts